Permanent CASB Integration Takeover due to Improper Access Controls + Confused Deputy Problem
Team Summary
Official summary from Cloudflare Public Bug Bounty
Cloudflare's Cloud Access Security Broker (CASB) had a security vulnerability on a limited set of integrations, known as the "confused deputy problem." If an attacker managed to discover a valid Microsoft tenant UUID or Microsoft domain, or a GitHub or Box installation_id, that a previous Cloudflare CASB customer had once connected but later removed, they could potentially exploit this to add a new integration to their account. This could have allowed the attacker to access sensitive information from CASB's findings for those integrations. However, Cloudflare's CASB engineering team acted swiftly to address this issue and eliminate the potential for such an attack. Additionally, an internal investigation found no evidence of customer data being impacted, except for the accounts used by the researcher who reported the vulnerability.
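A simplified model of this class of bug, added here as an illustration and not taken from the report or from Cloudflare's code: a service keeps provider grants keyed by an external identifier, and linking by identifier alone is shown beside a version that requires consent bound to the requesting account. The class, method names, data model and sample values are all hypothetical assumptions.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # hypothetical key used to sign consent state


class IntegrationRegistry:
    """Toy model: the service (the deputy) holds provider grants keyed by external id."""

    def __init__(self):
        self.grants = {}  # external_id -> provider grant (stands in for a token)
        self.links = {}   # external_id -> account allowed to read findings

    def issue_state(self, account, external_id):
        # Issued when an account starts the provider's consent flow.
        msg = f"{account}|{external_id}".encode()
        return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()

    def link_with_consent(self, account, external_id, grant, state):
        # Hardened path: a fresh grant is accepted only with state bound to the caller.
        expected = self.issue_state(account, external_id)
        if not hmac.compare_digest(state, expected):
            raise PermissionError("consent state not bound to this account")
        self.grants[external_id] = grant
        self.links[external_id] = account

    def link_by_id_vulnerable(self, account, external_id):
        # Confused deputy: knowing the identifier is treated as authority,
        # and a grant left over from a previous owner is reused.
        if external_id in self.grants:
            self.links[external_id] = account
            return True
        return False

    def remove(self, external_id, purge_grant):
        # Removal must also discard the stored grant, or it can be re-linked.
        self.links.pop(external_id, None)
        if purge_grant:
            self.grants.pop(external_id, None)

    def findings_reader(self, external_id):
        return self.links.get(external_id)
```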
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Improper Access Control - Generic